Описание
AFFLIB 2.2.8 and earlier allows attackers to execute arbitrary commands via shell metacharacters involving (1) certain command line parameters in tools/afconvert.cpp and (2) arguments to the get_parameter function in aimage/ident.cpp. NOTE: it is unknown if the get_parameter vector (2) is ever called.
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 2.2.8 (включая)
cpe:2.3:a:afflib:afflib:*:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00405
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
AFFLIB 2.2.8 and earlier allows attackers to execute arbitrary commands via shell metacharacters involving (1) certain command line parameters in tools/afconvert.cpp and (2) arguments to the get_parameter function in aimage/ident.cpp. NOTE: it is unknown if the get_parameter vector (2) is ever called.
EPSS
Процентиль: 60%
0.00405
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other